diff --git a/controllers/quay/quayregistry_controller.go b/controllers/quay/quayregistry_controller.go
index 75fadd2a8..2008af692 100644
--- a/controllers/quay/quayregistry_controller.go
+++ b/controllers/quay/quayregistry_controller.go
@@ -278,6 +278,34 @@ func (r *QuayRegistryReconciler) checkPostgresUpgradeStatus(
 				r.Log.Error(err, fmt.Sprintf("%s deployment could not be deleted", oldPostgresDeploymentName))
 			}
 
+			oldPostgresServiceName := fmt.Sprintf("%s-%s", quay.GetName(), "clair-postgres-old")
+			oldPostgresService := &corev1.Service{}
+			if err := r.Client.Get(
+				ctx,
+				types.NamespacedName{
+					Name:      oldPostgresServiceName,
+					Namespace: quay.GetNamespace(),
+				},
+				oldPostgresService,
+			); err != nil {
+				r.Log.Info(fmt.Sprintf("%s service not found, skipping", oldPostgresServiceName))
+				continue
+			}
+
+			// Remove owner reference from old service
+			obj, err = v1.RemoveOwnerReference(quay, oldPostgresService)
+			if err != nil {
+				log.Error(err, "could not remove owner reference from old postgres service")
+			}
+
+			// Delete old postgres deployment
+			if err := r.Client.Delete(
+				ctx,
+				obj,
+			); err != nil {
+				r.Log.Error(err, fmt.Sprintf("%s service could not be deleted", oldPostgresServiceName))
+			}
+
 			// Remove owner reference from old pvc so user can delete when ready
 			var oldPostgresPVCName string
 			if jobName == clairPostgresUpgradeJobName {
diff --git a/kustomize/components/clairpgupgrade/base/clair-pg-old.deployment.yaml b/kustomize/components/clairpgupgrade/base/clair-pg-old.deployment.yaml
index 46aa2da32..5514631de 100644
--- a/kustomize/components/clairpgupgrade/base/clair-pg-old.deployment.yaml
+++ b/kustomize/components/clairpgupgrade/base/clair-pg-old.deployment.yaml
@@ -3,20 +3,20 @@ kind: Deployment
 metadata:
   name: clair-postgres-old
   labels:
-    quay-component: clair-postgres
+    quay-component: clair-postgres-old
   annotations:
-    quay-component: clair-postgres
+    quay-component: clair-postgres-old
 spec:
   replicas: 1
   strategy:
     type: Recreate
   selector:
     matchLabels:
-      quay-component: clair-postgres
+      quay-component: clair-postgres-old
   template:
     metadata:
       labels:
-        quay-component: clair-postgres
+        quay-component: clair-postgres-old
     spec:
       terminationGracePeriodSeconds: 180
       serviceAccountName: clair-postgres
diff --git a/kustomize/components/clairpgupgrade/base/clair-pg-old.service.yaml b/kustomize/components/clairpgupgrade/base/clair-pg-old.service.yaml
new file mode 100644
index 000000000..865d42331
--- /dev/null
+++ b/kustomize/components/clairpgupgrade/base/clair-pg-old.service.yaml
@@ -0,0 +1,17 @@
+apiVersion: v1
+kind: Service
+metadata:
+  name: clair-postgres-old
+  labels:
+    quay-component: clair-postgres-old
+  annotations:
+    quay-component: clair-postgres-old
+spec:
+  type: ClusterIP
+  ports:
+    - port: 5432
+      protocol: TCP
+      name: postgres
+      targetPort: 5432
+  selector:
+    quay-component: clair-postgres-old
diff --git a/kustomize/components/clairpgupgrade/base/clair-pg-upgrade.job.yaml b/kustomize/components/clairpgupgrade/base/clair-pg-upgrade.job.yaml
index 41f1278f2..19be19445 100644
--- a/kustomize/components/clairpgupgrade/base/clair-pg-upgrade.job.yaml
+++ b/kustomize/components/clairpgupgrade/base/clair-pg-upgrade.job.yaml
@@ -31,7 +31,7 @@ spec:
               valueFrom:
                 secretKeyRef:
                   name: clair-config-secret
-                  key: clair-db-host
+                  key: clair-db-old-host
             - name: POSTGRESQL_MIGRATION_ADMIN_PASSWORD
               value: postgres
             - name: POSTGRESQL_SHARED_BUFFERS
@@ -49,9 +49,9 @@ spec:
               cpu: 500m
               memory: 2Gi
           command:
-          - "/bin/sh"
-          - "-c"
+            - "/bin/sh"
+            - "-c"
           args:
-          - >
-            run-postgresql --version || (echo "postgres migration command failed, cleaning up..." && rm -rf /var/lib/pgsql/data/* && exit 1)
+            - >
+              run-postgresql --version || (echo "postgres migration command failed, cleaning up..." && rm -rf /var/lib/pgsql/data/* && exit 1)
   backoffLimit: 50
diff --git a/kustomize/components/clairpgupgrade/base/kustomization.yaml b/kustomize/components/clairpgupgrade/base/kustomization.yaml
index d4fe25137..27bdd79a2 100644
--- a/kustomize/components/clairpgupgrade/base/kustomization.yaml
+++ b/kustomize/components/clairpgupgrade/base/kustomization.yaml
@@ -4,5 +4,6 @@ resources:
   - ./clair-pg-upgrade.job.yaml
   - ./clair-pg-old.persistentvolumeclaim.yaml
   - ./clair-pg-old.deployment.yaml
+  - ./clair-pg-old.service.yaml
 patchesStrategicMerge:
   - ./clair-pg.deployment.patch.yaml
diff --git a/pkg/kustomize/secrets.go b/pkg/kustomize/secrets.go
index fd5314ce4..ba22668df 100644
--- a/pkg/kustomize/secrets.go
+++ b/pkg/kustomize/secrets.go
@@ -377,6 +377,7 @@ func componentConfigFilesFor(log logr.Logger, qctx *quaycontext.QuayRegistryCont
 		cfgFiles["config.yaml"] = cfg
 		cfgFiles["01_user_config.yaml"] = configFiles["clair-config.yaml"]
 		cfgFiles["clair-db-host"] = []byte(strings.TrimSpace(strings.Join([]string{quay.GetName(), "clair-postgres"}, "-")))
+		cfgFiles["clair-db-old-host"] = []byte(strings.TrimSpace(strings.Join([]string{quay.GetName(), "clair-postgres-old"}, "-")))
 
 		return cfgFiles, nil
 	default: